Why does cyber governance matter? Cyberhedge has issued a Cyber Governance Alert on M because we believe the company has little margin for error in executing its digital strategy, and it must allocate the capital necessary to effectively manage the downside risks of this transformation to compete with online retail giants.

Why does cyber governance matter?

Cyberhedge has issued a Cyber Governance Alert on M because we believe the company has little margin for error in executing its digital strategy, and it must allocate the capital necessary to effectively manage the downside risks of this transformation to compete with online retail giants. Without better technology risk management, M is more likely to experience costly business disruption from digital and cyber risks.

What does the company need to do moving forward?

In our view, M’s continued underinvestment in cybersecurity relative to peers increases the probability of further shareholder value loss. If the next attack results in an operational disruption, such as a DDoS attack, revenue will be hit and the company’s two keystones, 1) the pricing power that comes from greater market share and 2) more accurate data to forecast customer buying behavior, will be further eroded. The next 4-6 quarters should reveal if M’s management decides to prioritize an increase in security staff and the necessary investments to improve the company’s overall cyber governance to peers.